The Cyber Resilience Brief: A SafeBreach Podcast

SafeBreach

The Cyber Resilience Brief is your 15-minute pulse on how organizations can build stronger defenses and achieve true cyber resilience. Each episode dives into the practical realities of Breach and Attack Simulation (BAS), adversarial exposure validation, and the evolving strategies that keep modern enterprises secure. Hosted by Tova Dvorin and brought to you by SafeBreach — the leader in Adversarial Exposure Validation — this podcast features insights from cybersecurity leaders, integration partners, CISOs, technical experts, and forward-thinking customers. Whether you’re in the EU navigating DORA requirements, managing a global security program, or simply looking to better validate your defensive posture, The Cyber Resilience Brief delivers actionable guidance, partner perspectives, and the latest trends to help your business stay ahead. 🎧 Subscribe and join us as we explore what it takes to proactively defend, adapt, and thrive in today’s threat landscape.

  1. 6d ago

    Ep. 62 - Zero Trust Breaks Against MCP: Why "Verified" No Longer Means Safe

    Most enterprises assume their zero trust architecture covers their AI agents. It doesn't. Hosts Tova Dvorin and Adrian Culley break down why zero trust breaks against the Model Context Protocol (MCP) — and why "verified" no longer means "safe." They unpack trust decay, the WhatsApp and GitHub MCP exploits, rug-pull tool poisoning, CVE-2025-49596, and the rise of "zero standing trust," then close with three moves for CISOs this quarter: inventory your MCP estate, mandate authentication, and validate your controls. #cybersecurity #infosec #CISO #MCP #ZeroTrust #AgenticAI #AISecurity #BAS

    22 min

  2. Jun 3

    Ep. 61 - Blind With Scissors: The NSA's MCP Warning for Every Agentic AI Deployment

    The NSA just published a rare advisory on the Model Context Protocol (MCP)—the plumbing under nearly every agentic AI deployment of the last 18 months—and the verdict is stark: optional authentication, no token lifecycle, silent behavior changes, and no logging to catch any of it. Host Tova Dvorin sits down with defensive cybersecurity expert Adrian Culley to unpack the eight risk categories, the WhatsApp and GitHub MCP exploits, and why MCP is now a testable validation surface. #cybersecurity #infosec #CISO #MCP #AgenticAI #NSA #CTEM #BAS

    22 min

  3. May 27

    Ep. 60 - The Puppet Masters: Mustang Panda's Long Con Against ASEAN Diplomats

    When a tired EU diplomat clicks "connect" on an airport Wi-Fi portal, his briefing — and his government's secrets — end up in Chengdu. Hosts Tova Dvorin and Adrian Culley unpack Mustang Panda (APT27 / Bronze President), the Chinese threat group running the long con against NGOs, ASEAN ministries, and Tibetan and Uyghur activists. Inside: captive-portal Wi-Fi Pineapples that bypass MFA, PlugX side-loading through legitimate apps, and the USB worm that jumps air-gapped military networks. #cybersecurity #infosec #CISO #MustangPanda #APT27 #ChinaAPT #BAS #SafeBreach

    11 min

  4. May 20

    Ep. 59 - Russia's Cyber Arsenal Exposed: Defeating the FSB, GRU, and BlackCat Before They Strike

    In the finale of our Russian intelligence and proxy threat series, SafeBreach engineer Adrian Culley joins host Tova Dvorin to turn five episodes of analysis into concrete, actionable defense. The threat is real — now here's how you stop it. Adrian and Tova walk through five critical mitigation layers your organization needs to implement today: hardening the human firewall through Continuous Automated Red Teaming (CART), enforcing adaptive MFA that Scattered Spider's session token theft and fatigue attacks can't bypass, locking down cloud and SaaS platforms — Salesforce, Snowflake, Okta — against FSB-linked privilege escalation, validating network segmentation against BlackCat ransomware's exact behavioral signatures, and disrupting intelligence sharing between GRU, SVR, FSB, and their criminal proxy networks by tracking IOC convergence in real time. The central thesis: don't guess, test. Every control your team thinks is working needs to be validated against real adversarial behavior — because if SafeBreach can simulate the bypass, so can they.

    9 min

  5. May 13

    Ep. 58 - Double Dragon: How China's APT 41 Works for the State by Day — and Itself by Night

    China's cyber shadow has already reached your software. APT 41 — known as Double Dragon — isn't just stealing state secrets. They've pioneered a new generation of supply chain attacks, trojanizing the shared code libraries that thousands of organizations trust without question. And their latest splinter unit, UAT 7290, has been inside North American developer environments for over a year — not triggering anything, just watching, learning, and waiting to strike in a way that looks completely native. In this episode, Tova Dvorin and Adrian Culley expose the group that breaks every rule of traditional espionage: how the MSS built an elite hacker force by letting them run their own criminal enterprise on the side, how APT 41 turned the video gaming industry into a personal ATM worth millions, and why China's 2026 cybersecurity law has given these groups a 48-hour head start on every new exploit.

    9 min

  6. May 6

    Ep. 57 - Russia's Proxy Bridge: BlackCat, Scattered Spider, and the Kremlin

    In Part 4 of our Russian intelligence series, host Tova Dvorin and Adrian Culley map the proxy bridge between Western teenage hackers and Moscow. BlackCat (ALPHV) ransomware-as-a-service is the operational hinge: Scattered Spider breaks in, BlackCat encrypts, and the FSB watches the dashboard. Hear how the Kremlin earns plausible deniability, why a $115M extortion stream self-funds Russian intelligence, and what MI6's new "hybrid shadow war" warning means for defenders simulating Rust-based ransomware in their own networks.

    12 min

  7. Apr 29

    Ep. 56 - 10,000 Bugs, 12 That Matter: Using AI to Cut Through Exposure Noise with CTEM

    Are you still stuck on the vulnerability hamster wheel? In this episode of the Cyber Resilience Brief, host Tova Dvorin is joined by SafeBreach VP of Product Koby Bar and offensive security expert Adrian Culley to unpack a major shift in how enterprises approach proactive security — and to announce the launch of SafeBreach Helm, the AI validation layer built for Continuous Threat Exposure Management (CTEM). They break down all five pillars of CTEM — scoping, discovery, prioritization, validation, and mobilization — and explain exactly why most organizations stall before operationalizing any of them. You'll learn why nearly 40% of actionable exposures aren't CVEs at all, why CVSS scores without context are dangerous, and how an LLM-driven engine can turn 10,000 vulnerabilities into 12 surgical priorities — validated against your actual environment. Whether you're a CISO trying to prove security ROI, a security engineer drowning in alerts, or a practitioner exploring CTEM frameworks, this episode delivers the blueprint for moving from theoretical risk to proven, validated exposure management. Topics covered: What CTEM actually means and why the detect-and-patch model is brokenHow AI-powered scoping keeps pace with a dynamic attack surfaceWhy toxic combinations of misconfigs and identity risks outrank many high-CVSS CVEsAdversarial Exposure Validation (AEV): testing controls, not just checking boxesHow Helm bridges the IT/security communication gap to accelerate remediation Learn more about how SafeBreach supports CTEM: https://www.safebreach.com/solution-brief/ctem-by-safebreach/

    14 min

  8. Apr 22

    Ep. 55 - The ‘Typhoon’ Hack: How China Hid Inside Your Home Router

    Your home router isn’t just sitting there. It might already be part of a global cyberattack. In Part 2 of our deep dive into Chinese cyber operations, Tova Dvorin and Adrian Culley unpack the “Typhoon” threat groups—Volt Typhoon, Salt Typhoon, and Flax Typhoon—and how they’re quietly reshaping modern cyber warfare. This isn’t about stealing data. It’s about staying hidden, pre-positioning, and being ready to strike. In this episode, you’ll learn: How hackers are living inside networks for years without detectionWhat “living off the land” really means—and why security tools miss itHow compromised home routers became a global proxy networkWhy telecom systems—and even lawful surveillance tools—were targetedThe real strategy behind China’s cyber operations: preparing for future conflict From power grids to personal devices, this episode reveals how the battlefield has already expanded—and why most organizations still aren’t ready.

    10 min
See All (62)

Ratings & Reviews

5
out of 5
2 Ratings

About

The Cyber Resilience Brief is your 15-minute pulse on how organizations can build stronger defenses and achieve true cyber resilience. Each episode dives into the practical realities of Breach and Attack Simulation (BAS), adversarial exposure validation, and the evolving strategies that keep modern enterprises secure. Hosted by Tova Dvorin and brought to you by SafeBreach — the leader in Adversarial Exposure Validation — this podcast features insights from cybersecurity leaders, integration partners, CISOs, technical experts, and forward-thinking customers. Whether you’re in the EU navigating DORA requirements, managing a global security program, or simply looking to better validate your defensive posture, The Cyber Resilience Brief delivers actionable guidance, partner perspectives, and the latest trends to help your business stay ahead. 🎧 Subscribe and join us as we explore what it takes to proactively defend, adapt, and thrive in today’s threat landscape.

Information

You Might Also Like